
NSA patent.

Method for geolocating logical network addresses on electronically switched dynamic communications networks, such as the Internet, using the time latency of communications to and from the logical network address to determine its location. Minimum round-trip communications latency is measured between numerous stations on the network and known network addressed equipment to form a network latency topology map. Minimum round-trip communications latency is also measured between the stations and the logical network address to be geolocated. The resulting set of minimum round-trip communications latencies is then correlated with the network latency topology map to determine the location of the network address to be geolocated.

Anyone who thinks you can hide online should read this.

What happens if a big asteroid hits the Earth? Judging from realistic simulations involving a sledge hammer and a common laboratory frog, we can assume it will be pretty bad. - Dave Barry

Wow. Interesting. We all knew something like this was possible, but now we have seen it explained in practical and technical terms. From what I understand, the NSA would select a number of locations around the world and set the lag time, or round trip time, to those destinations manually.

So let's say the RoadRunner network is set at 30 ms, Rogers at 50 ms, and Level 3 at 70 ms. They have a computer they wish to locate, and communicate with it somehow, getting a response time of 53 ms. This would indicate that the target computer is somewhere on the Rogers network. These latencies can then be adjusted to allow for normally present latencies inherent in individual networks.

For further accuracy, they can place hosts on individual subnetworks of those networks. Say they find a host is on the RoadRunner network. The NSA now has hosts on each subnetwork of RoadRunner, with latencies set at 100 ms for Ohio, 200 ms for New York, and 300 ms for Alabama (I think they have Internet there by now). A response time of 124 ms would indicate that the target is in Ohio.

I can see at least one flaw at this time; the design relies upon reliable communications with the target and every point during the geolocation. I could deny communication from any point along the geolocation resolution process to limit the accuracy of their search.

This patent brings up some very good challenges with ideas such as onion routing, Tor, and FreeWeb. For one, it relies on an endpoint-to-endpoint communication with the host, and therefore relies on the theory that the Internet is hierarchical in structure. While this is essentially true, that assumption will fail to hold when I apply another mesh network on top of the endpoints of the Internet, as would be the case in the Tor network or Onion Routing.

But... counterpoint.

They could easily develop an implementation of this patent to place on the Tor network, or for use with onion routing networks. Unfortunately I am familiar enough with neither to accurately envision what a showdown between this new geolocation technique and an onion routed network, or Tor, would look like.

As for FreeWeb, they may in fact have tens or hundreds of targets to track down, where the individuals providing the hosting for the target data are completely unaware of its content. The geolocation of such a target may prove to be fruitless, especially when it is replicated across several, if not thousands, of endpoints.

So it will work in theory for endpoint to endpoint communication along a hierarchical Internet with single targets, but how well will it work against onion routed networks, Tor routed networks, or distributed storage networks such as FreeNet? Or in the case where they simply have no reliable means of communications with the target?

Ok wow. My brain is racing with attacks and defense mechanisms against this. And I need to sleep. So what happens when the target's address is only known through participation in a non-traditional Internet?

Your insights and opinions would be appreciated.

P.S. That got my mind off the gas prices and the pending apocalypse(?). I can already feel my brain being oiled. It's something to think about, that's for sure. It's like a game of chess.

Government is like fire - a handy servant, but a dangerous master - George Washington
Government is not reason, it is not eloquence - it is force. - George Washington.
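
Added example, not part of any post in this thread and not code from the patent: a minimal Python sketch of the correlation step in the abstract quoted in the first post. It also shows the point raised above about denying communication: when probes from some stations get no reply, the match becomes more ambiguous. Station names, landmark names and all latency values are constructed, and RMS difference is an assumed similarity measure, not one the patent specifies.

```python
import math

# Constructed latency topology map: minimum RTT (ms) from each measurement
# station to landmark hosts whose locations are known.
TOPOLOGY_MAP = {
    "landmark-ohio":     {"st-a": 12.0, "st-b": 41.0, "st-c": 68.0, "st-d": 95.0},
    "landmark-new-york": {"st-a": 30.0, "st-b": 18.0, "st-c": 74.0, "st-d": 88.0},
    "landmark-alabama":  {"st-a": 35.0, "st-b": 52.0, "st-c": 40.0, "st-d": 99.0},
}

# Constructed probe results for one target; None marks a probe with no reply.
ALL_REPLY = {"st-a": [19.4, 14.1, 33.0], "st-b": [43.2, 60.5, 42.3],
             "st-c": [70.9, 69.5, None], "st-d": [97.0, 96.2, 120.3]}
# Same target, but probes from st-a and st-b are dropped along the path.
TWO_BLOCKED = {**ALL_REPLY, "st-a": [None] * 3, "st-b": [None] * 3}


def min_rtt(samples):
    """Minimum over received replies (queueing only adds delay); None if none."""
    replies = [s for s in samples if s is not None]
    return min(replies) if replies else None


def correlate(target_samples, topology=TOPOLOGY_MAP, min_stations=2):
    """Rank landmarks by RMS difference from the target's latency vector.

    Only stations that received a reply are compared. Returns
    (ranking, stations_used); ranking is [] if too few stations answered.
    """
    observed = {st: min_rtt(s) for st, s in target_samples.items()}
    used = sorted(st for st, rtt in observed.items() if rtt is not None)
    if len(used) < min_stations:
        return [], used
    ranking = []
    for name, vector in topology.items():
        squares = [(observed[st] - vector[st]) ** 2 for st in used]
        ranking.append((math.sqrt(sum(squares) / len(squares)), name))
    return sorted(ranking), used


def margin(ranking):
    """Gap between the best and second-best match; small means ambiguous."""
    return ranking[1][0] - ranking[0][0]


if __name__ == "__main__":
    for label, probes in (("all reply", ALL_REPLY), ("two blocked", TWO_BLOCKED)):
        ranking, used = correlate(probes)
        print(label, used, ranking[0][1], round(margin(ranking), 2))
```

With the constructed data, the nearest landmark stays the same when two stations are blocked, but the gap to the runner-up shrinks, and with a single answering station the function declines to rank at all.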

If all you care about is finding the source of the attack, yes. But the NSA will seize the zombie computer under the Patriot Act, and use that to find the real perpetrator. Besides, I think the NSA is after people who compromise corporate, university, or government networks, not end user machines.

Anyway, no offense d0pp, I was trying to help a theoretical discussion get going... just trying to keep it pointed that way.

The compromised machine could be part of a network on top of the Internet, too. They may in fact need to find ways to infiltrate these botnets with this technique to find the master of them, so that raises an interesting question, too.


Originally posted here by Striek
If all you care about is finding the source of the attack, yes. But the NSA will seize the zombie computer under the Patriot Act, and use that to find the real perpetrator.

That would only work if the computer is in the USA..

Most botnets I've seen are actually quite lame..
A simple dissection of the bot or even a netstat or ettercap will reveal the controlling system of the bot..
Usually an IRC server..

ASCII stupid question, get a stupid ANSI.
When in Russia, pet a PETSCII.
Get your ass over to SLAYRadio the best station for C64 Remixes !

I know the guy who was attempting to sell this project to the NSA... they said "we don't understand... (he gave more info) we don't understand... (he gave still more info) that can't be done... (he gave even more info) that can't be done... (he gave up nearly all the info) oh yeah... we're already doing that (which voids any NDA), and we've decided this has national security concerns, you are no longer allowed to work on this... thanks!"

The joys of dealing with the government, if you're small they'll just rip you off and if you're large... well the FBI just scrapped SAIC's search engine project after giving SAIC ~$130mil because it didn't work and was deemed unfixable. No fines, no nothing.